Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use Docker's built-in COPY --chmod functionality to fix the Docker build #68

Closed
wants to merge 1 commit into from
Closed

Use Docker's built-in COPY --chmod functionality to fix the Docker build #68

wants to merge 1 commit into from

Conversation

mmalecki
Copy link

This fixes an issue we were seeing when building the action:

  chmod: /entrypoint.sh: Operation not permitted

While maintaining the required end effect (presumably only necessary when building the image on Windows).

See also #67 for a solution that pins down the version (but doesn't permanently fix this particular bug).

@mmalecki
Use Docker's built-in COPY --chmod functionality
b43292a 
This fixes an issue we were seeing when building the action:

      chmod: /entrypoint.sh: Operation not permitted

While maintaining the required end effect (presumably only necessary
when building the image on Windows).
@hughsimpson
Copy link

This feels like the tighter solution to me

@mmalecki
Copy link
Author

This action still fails for us with this error, also likely due to the introduced Docker user change mentioned in #67:

ERROR: Error during SonarScanner execution
java.lang.IllegalStateException: Unable to load component class org.sonar.scanner.scan.ProjectLock
	at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:52)
	at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:678)
	at org.sonar.core.platform.ComponentContainer.getComponentByType(ComponentContainer.java:277)
	at org.sonar.scanner.bootstrap.ScannerContainer.doBeforeStart(ScannerContainer.java:174)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:121)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:125)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:57)
	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:51)
	at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
	at jdk.proxy1/jdk.proxy1.$Proxy0.execute(Unknown Source)
	at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
	at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:126)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:81)
	at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: java.lang.IllegalStateException: Failed to create work directory
	at org.sonar.scanner.scan.ProjectLock.<init>(ProjectLock.java:25)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:499)
	at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:480)
	at org.picocontainer.injectors.AbstractInjector.newInstance(AbstractInjector.java:145)
	at org.picocontainer.injectors.ConstructorInjector$1.run(ConstructorInjector.java:342)
	at org.picocontainer.injectors.AbstractInjector$ThreadLocalCyclicDependencyGuard.observe(AbstractInjector.java:270)
	at org.picocontainer.injectors.ConstructorInjector.getComponentInstance(ConstructorInjector.java:364)
	at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.getComponentInstance(AbstractInjectionFactory.java:56)
	at org.picocontainer.behaviors.AbstractBehavior.getComponentInstance(AbstractBehavior.java:64)
	at org.picocontainer.behaviors.Stored.getComponentInstance(Stored.java:91)
	at org.picocontainer.DefaultPicoContainer.getInstance(DefaultPicoContainer.java:699)
	at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:647)
	at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:50)
	... 22 more
Caused by: java.nio.file.AccessDeniedException: /github/workspace/.scannerwork
	at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
	at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
	at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
	at java.base/sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:3[97](https://github.com/goes-funky/git-read-service/actions/runs/8709650541/job/23889851024#step:13:98))
	at java.base/java.nio.file.Files.createDirectory(Files.java:700)
	at java.base/java.nio.file.Files.createAndCheckIsDirectory(Files.java:807)
	at java.base/java.nio.file.Files.createDirectories(Files.java:793)
	at org.sonar.scanner.scan.ProjectLock.<init>(ProjectLock.java:22)
	... 37 more
ERROR: 
ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.

But it's late for me, and the fix that comes to mind would be to revert to USER root, which I'm not sure if y'all wanna do. This at least fixes the build.

@nbolton
Copy link

nbolton commented Apr 16, 2024
edited
Loading

@cody-simms-sonarsource Any ETA on getting this PR merged? My options right now are disable SonarCloud for our CI (as it's blocking us) or branch this repo and use @mmalecki's PR.

@hughsimpson
Copy link

hughsimpson commented Apr 16, 2024
edited
Loading

Yeah actually I've checked this too now and get the same error as @mmalecki so probably need the base image reverted pinned

@devsegur
Copy link

That`s the breaking change what broke the docker image SonarSource/sonar-scanner-cli-docker@11e6606

relrod added a commit to relrod/django-ansible-base that referenced this pull request Apr 16, 2024
@relrod
Point to fork of sonar's github action for now
b2afdc1 
They've broken their image.
- SonarSource/sonarcloud-github-action#67
- SonarSource/sonarcloud-github-action#68

Signed-off-by: Rick Elrod <rick@elrod.me>
@relrod relrod mentioned this pull request Apr 16, 2024
Merged
relrod added a commit to relrod/django-ansible-base that referenced this pull request Apr 16, 2024
@relrod
Point to fork of sonar's github action for now
4773232 
They've broken their image.
- SonarSource/sonarcloud-github-action#67
- SonarSource/sonarcloud-github-action#68

Signed-off-by: Rick Elrod <rick@elrod.me>
@blakemotl-RL
Copy link

The docker image the action uses should absolutely be pinned to a sha hash rather than a mutable image tag. We were pinning the commit hash of the action and were still affected by this underlying change. That's not ok.

relrod added a commit to ansible/django-ansible-base that referenced this pull request Apr 16, 2024
@relrod
Point to fork of sonar's github action for now (#321)
0669225 
They've broken their image.
- SonarSource/sonarcloud-github-action#67
- SonarSource/sonarcloud-github-action#68

Signed-off-by: Rick Elrod <rick@elrod.me>
@matihaure
Copy link

hello guys! can you let us know when is merged? we were using this action :( , as a workaround, we are using v2.0.2 now

@claire-villard-sonarsource
Copy link
Contributor

Thanks, y'all, for your contributions.
The error was caused by an outage on April 16th. You can see all the details here.
The event is over, so I'm closing this PR.

@mmalecki mmalecki deleted the fix-chmod branch May 8, 2024 07:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Storm-BE Storm-BE Storm-BE approved these changes

@sourceful-karlson sourceful-karlson sourceful-karlson approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
9 participants
@mmalecki @hughsimpson @nbolton @devsegur @blakemotl-RL @matihaure @claire-villard-sonarsource @Storm-BE @sourceful-karlson